Martin, Using the next 7 security type values is silly, because it just means that they'll clash with new security types as and when they are added to the RFB protocol, causing confusion for anyone who uses your patches.
The "normal" way to have a TLS-encapsulated version of a protocol is to have it run on a different port to the plain version, which avoids any problems of clashes. However, this approach requires that you choose a new port number to use, and of course means accepting connections on two different ports, etc etc. In order to support both standard RFB connections and connections using your custom TLS/RFB based protocol, the correct approach is to use a single "security type", which we can allocate from the security type space for you. This is used by your viewer and server to discover that the other end supports your custom TLS/RFB based protocol, after which you can choose which of the variants you mention below to use, and then continue as normal. Cheers, Wez @ RealVNC Ltd. > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Martin Kvgler > Sent: 02 January 2006 19:55 > To: [email protected] > Subject: Encryption support for RealVNC 4.1.1 > > I ported older patches for TLS support to RealVNC 4.1.1. The > encyrption > is done with GNU TLS and works on all three plattforms > (Windows, Unix, Java): > > http://www.auto.tuwien.ac.at/~mkoegler/index.php/tlsvnc > > The TLS* Security Types perform no server verification, the > X509* Security Types > verify the server certificat against a certificat specified > by a parameter (except > the Java version). > > The controlling of all encryption relevant parameters is > currently only possible > via the command line. > > Feel free to ask, if you have any questions about it. > > To people at realvnc.com: > > I use 7 new Security Types, for which I use the next free > number. I do not know, if > anybody other find these patches useful, so I currently see > no need to block 7 out > of the 256 possibly security types. > > I offer change some (or all) security types to offical > allocated number, if somebody thinks, > it is neccessary or useful. > > mfg Martin Kvgler > _______________________________________________ > VNC-List mailing list > [email protected] > To remove yourself from the list visit: > http://www.realvnc.com/mailman/listinfo/vnc-list _______________________________________________ VNC-List mailing list [email protected] To remove yourself from the list visit: http://www.realvnc.com/mailman/listinfo/vnc-list
